Educause Security Discussion mailing list archives

Re: Security Awareness Program assistance

From: "Shamblin, Quinn" <qrs () BU EDU>
Date: Mon, 1 Jun 2015 13:07:18 +0000

;)

Here’s the link:  https://drive.google.com/open?id=0B2emeE4qwnJ2a1FxMHVta0o1YjQ&authuser=0
I’ll leave it up until the end of the week.

Best,

Quinn R Shamblin                                                  .
Executive Director of Information Security, Boston University

Security Tip:
One of the most effective things you can do to keep your online accounts safe is to use a good password manager like 
LastPass or 1Password.  With these, you only have to remember one (strong) password but all your websites will have 
different (very strong) passwords.  If one gets compromised, you only have to change it on that one site--the rest of 
your sites are not at risk.

From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of John 
Husfield
Sent: Friday, May 29, 2015 4:37 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Security Awareness Program assistance

Hello Quinn,

You are a wonderful person! I’d love to see that framework as well – I am tasked with the same project – my first at a 
university.

Best Regards,
John
____________________________
John Husfield, MS | CISSP, CISA
Sr. Information Assurance Analyst
Email: jhusfield () bowiestate edu<mailto:jhusfield () bowiestate edu> | Phone: 301-860-3934
Division of Information Technology | Thurgood Marshall Library, Rm 250
Bowie State University | www.bowiestate.edu<http://www.bowiestate.edu/>

From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Larry K. 
Emmons
Sent: Thursday, May 28, 2015 3:56 PM
To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>
Subject: Re: [SECURITY] Security Awareness Program assistance

Hi Quinn,

I'd be interested in your framework as well.

Thanks,
Larry Emmons
Director of Technology and Support Services
Saginaw Valley State University

Sent from my iPhone

On May 28, 2015, at 2:28 PM, KILDARE,Duane V <duane.kildare () UWIMONA EDU JM<mailto:duane.kildare () UWIMONA EDU JM>> 
wrote:
Hello Quinn,

I am also starting an initiative of this nature and I would be grateful if you could also share this info with me.

Thanks.

Duane Kildare
Information Technology Officer
Office of the University CIO
The University of the West Indies
Regional Headquarters
Hermitage Road
Kingston 7
Jamaica W.I

Internal Extension:  8903
(876) 702-2433/3641 (Office)
Cell (876) 458-5989
duane.kildare () uwimona edu jm<mailto:duane.kildare () uwimona edu jm>


From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () listserv educause edu] On Behalf Of 
Shamblin, Quinn
Sent: Wednesday, May 27, 2015 10:48 AM
To: SECURITY () listserv educause edu<mailto:SECURITY () listserv educause edu>
Subject: Re: [SECURITY] Security Awareness Program assistance

Harry Hoffman and I put together a framework for doing this.  I’d be happy to share the documents for reference if you 
are interested.

Best,

Quinn R Shamblin                                                  .
Executive Director of Information Security, Boston University

Security Tip:
One of the most effective things you can do to keep your devices safe is to keep them and the software on them up to 
date.


From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Ullman, 
Catherine
Sent: Wednesday, May 27, 2015 11:19 AM
To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>
Subject: [SECURITY] Security Awareness Program assistance

Greetings!

I have been asked to put together a University-wide security awareness program that is phased in over the next two 
years and ideally includes measurements of success.  I would very much like to hear from any of you who have 
successfully undertaken such a project and how you’ve accomplished it, because this is a larger undertaking than I’ve 
ever been expected to complete.  I also would prefer not to reinvent the wheel if there are already great ideas out 
there!

The kinds of things I’m looking for include the approach, how the rollout was accomplished, tools being used, measures 
of success.  FWIW I’d prefer our awareness program to be a positive reinforcement type thing, encouraging folks to want 
to be involved rather than a stick-based program.

Feel free to email me off-line if you’d prefer.  Thanks in advance for your help.

Sincerely,
Cathy


Dr. Catherine J Ullman
Information Security Analyst
Information Security Office
University at Buffalo
cende () buffalo edu<mailto:cende () buffalo edu>

Current thread:

Security Awareness Program assistance Ullman, Catherine (May 27)
- Re: Security Awareness Program assistance Chris Bunn (May 27)
  - Re: Security Awareness Program assistance Ullman, Catherine (May 27)
- Re: Security Awareness Program assistance Shamblin, Quinn (May 27)
  - Re: Security Awareness Program assistance Ullman, Catherine (May 27)
  - Re: Security Awareness Program assistance KILDARE,Duane V (May 28)
    - Re: Security Awareness Program assistance Larry K. Emmons (May 28)
    - Re: Security Awareness Program assistance John Husfield (May 29)
    - Re: Security Awareness Program assistance Shamblin, Quinn (Jun 01)
    - Re: Security Awareness Program assistance Shamblin, Quinn (May 28)
  - Re: Security Awareness Program assistance James Farr (May 28)
    - Re: Security Awareness Program assistance Ian McDonald (May 28)
    - Re: Security Awareness Program assistance Ben Woelk (May 28)
    - Re: Security Awareness Program assistance Valerie Vogel (May 28)
    - Re: Security Awareness Program assistance Miguel Angel Gonzalez de la Torre (May 28)
    - Re: Security Awareness Program assistance Katie Lech (May 28)
- <Possible follow-ups>
- Re: Security Awareness Program assistance Andregg, Bryan Courtney (May 27)
  - Re: Security Awareness Program assistance Ullman, Catherine (May 27)